<?php

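/**
 * Reports whether a login name is still free, i.e. no row in `user` carries it.
 *
 * Only callers with $GLOBALS['l_role'] >= 3 get a real answer.
 *
 * @param string $username Login name as typed (not yet HTML-encoded).
 * @return bool True when no matching row exists. False when the name is taken,
 *              the role is too low, the connection fails, or the lookup itself
 *              fails (a failed lookup no longer reports the name as free).
 */
function user_ctrl($username) {
    if (!($GLOBALS['l_role'] >= 3)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // user_add() stores login names HTML-encoded, so the lookup key is encoded
    // the same way. The encoding is a storage convention only: it leaves
    // backslashes untouched and is not SQL escaping, so the value is bound as
    // a statement parameter instead of being spliced into the SQL text.
    $stored_name = htmlspecialchars($username, ENT_QUOTES);

    $is_free = false;
    $stmt = mysqli_prepare($link, "SELECT 1 FROM user WHERE username = ? LIMIT 1");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $stored_name);
        if (mysqli_stmt_execute($stmt) && mysqli_stmt_store_result($stmt)) {
            $is_free = (mysqli_stmt_num_rows($stmt) == 0);
        }
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $is_free;
}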

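/**
 * Prints one <tr> per row of `user` with the ID, name, tel, icq, mail and
 * adresa columns, alternating the row classes "sudy" and "lichy".
 *
 * Runs only when $GLOBALS['l_role'] >= 0 and prints nothing otherwise.
 * NOTE(review): an unset or null l_role also satisfies `>= 0` in PHP, so this
 * gate only holds if the login code always assigns l_role — confirm.
 *
 * @return void
 */
function user_fillTab() {
    if (!($GLOBALS['l_role'] >= 0)) {
        return;
    }
    $link = db_connect();
    if (!$link) {
        return;
    }

    // Fetch only the displayed columns so password hashes never leave the DB here.
    $result = mysqli_query($link, "SELECT ID, name, tel, icq, mail, adresa FROM user");
    if ($result) {
        $charset = ini_get('default_charset');
        $columns = ['ID', 'name', 'tel', 'icq', 'mail', 'adresa'];
        $row_no = 0;
        while ($row = mysqli_fetch_assoc($result)) {
            $row_no++;
            echo(($row_no % 2 == 0) ? '<tr class="lichy">' : '<tr class="sudy">');
            $cells = '';
            foreach ($columns as $column) {
                // Rows written by this file are already HTML-encoded; double_encode=false
                // leaves those entities as they are and neutralises any raw markup that
                // reached the table through another path.
                $cells .= "<td>".htmlspecialchars((string) $row[$column], ENT_QUOTES, $charset, false)."</td>";
            }
            echo($cells);
            echo("</tr>");
        }
        mysqli_free_result($result);
    }

    // The original never released the connection on this path.
    db_close($link);
}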

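/**
 * Replaces the password of the session user ($_SESSION['username']) when the
 * supplied old password matches the stored one.
 *
 * Runs only when $GLOBALS['l_role'] >= 0.
 * NOTE(review): an unset or null l_role also satisfies `>= 0` in PHP — confirm
 * the login code always assigns it.
 *
 * @param string $pass_old Current password in clear text.
 * @param string $pass     New password in clear text.
 * @return bool True only when a row was actually updated. A wrong old password
 *              now yields false (the original returned true whenever the
 *              UPDATE executed, even with zero matching rows). Submitting the
 *              current password as the new one also yields false unless the
 *              connection was opened with MYSQLI_CLIENT_FOUND_ROWS.
 */
function user_change_pass($pass_old, $pass) {
    if (!($GLOBALS['l_role'] >= 0)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // Login names are stored HTML-encoded (see user_add); this is a storage
    // convention, not SQL escaping, so every value is bound as a parameter.
    $stored_name = htmlspecialchars($_SESSION['username'], ENT_QUOTES);

    // NOTE(review): unsalted MD5 is not a password hash. It is kept because the
    // stored values and the login check (not visible here) presumably use it;
    // migrate to password_hash()/password_verify() with a rehash on next login.
    $new_hash = hash("md5", $pass);
    $old_hash = hash("md5", $pass_old);

    $changed = false;
    $stmt = mysqli_prepare($link, "UPDATE user SET pass = ? WHERE username = ? AND pass = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'sss', $new_hash, $stored_name, $old_hash);
        if (mysqli_stmt_execute($stmt)) {
            $changed = (mysqli_stmt_affected_rows($stmt) > 0);
        }
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $changed;
}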

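/**
 * Prints the administrator view of `user`: one <tr> per row with ID, name,
 * username, role_name, tel, icq, mail and adresa, followed by "edit" and
 * "del" links that carry the login name in the q query parameter.
 *
 * Runs only when $GLOBALS['l_role'] >= 10 and prints nothing otherwise.
 *
 * NOTE(review): the "del" link requests user_del.php with a plain GET URL.
 * That page is not visible here — confirm it re-checks the role and requires
 * a CSRF token or an explicit confirmation before deleting.
 *
 * @return void
 */
function user_fillTab_admin(){
    if (!($GLOBALS['l_role'] >= 10)) {
        return;
    }
    $link = db_connect();
    if (!$link) {
        return;
    }

    // Only the displayed columns are read; the pass column stays in the database.
    $result = mysqli_query($link, "SELECT ID, name, username, role_name, tel, icq, mail, adresa FROM user");
    if ($result) {
        $charset = ini_get('default_charset');
        $columns = ['ID', 'name', 'username', 'role_name', 'tel', 'icq', 'mail', 'adresa'];
        $row_no = 0;
        while ($row = mysqli_fetch_assoc($result)) {
            $row_no++;
            echo(($row_no % 2 == 0) ? '<tr class="lichy">' : '<tr class="sudy">');

            $cells = '';
            foreach ($columns as $column) {
                // Values written by this file are already HTML-encoded; double_encode=false
                // keeps them unchanged and escapes raw markup from any other source.
                $cells .= "<td>".htmlspecialchars((string) $row[$column], ENT_QUOTES, $charset, false)."</td>";
            }
            echo($cells);

            // The stored login name is HTML-encoded, so a name such as "a&amp;b" used
            // verbatim in an href would be split into two query parameters. Decode it
            // and URL-encode the result; rawurlencode() output is also attribute-safe.
            // NOTE(review): assumes the target pages hand q to the helpers in this
            // file, which re-apply htmlspecialchars() before the lookup — confirm.
            $login = rawurlencode(htmlspecialchars_decode((string) $row['username'], ENT_QUOTES));
            echo('<td><a href="user_edit_admin.php?q='.$login.'">edit</a></td><td><a href="user_del.php?q='.$login.'">del</a></td>');
            echo("</tr>");
        }
        mysqli_free_result($result);
    }

    // The original never released the connection on this path.
    db_close($link);
}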

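/**
 * Deletes the row of `user` whose login name matches $user.
 *
 * Runs only when $GLOBALS['l_role'] >= 10.
 *
 * Changes against the original:
 *  - the login name is bound as a statement parameter; the original spliced
 *    htmlspecialchars($user) without ENT_QUOTES into the SQL text, which on
 *    PHP versions before 8.1 leaves single quotes unescaped;
 *  - the statement text is no longer echoed into the page;
 *  - the connection is closed, and an insufficient role returns false instead
 *    of falling off the end of the function.
 *
 * @param string $user Login name as typed (not yet HTML-encoded).
 * @return bool True when the DELETE executed, false otherwise.
 */
function user_del($user) {
    if (!($GLOBALS['l_role'] >= 10)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // Same storage encoding as user_add(), so names containing quotes still match.
    $stored_name = htmlspecialchars($user, ENT_QUOTES);

    $deleted = false;
    $stmt = mysqli_prepare($link, "DELETE FROM user WHERE username = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $stored_name);
        $deleted = mysqli_stmt_execute($stmt) ? true : false;
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $deleted;
}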
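/**
 * Returns one column of the `user` row that belongs to login name $login.
 *
 * Runs only when $GLOBALS['l_role'] >= 10.
 *
 * $value is used purely as a key into the fetched row and never reaches the
 * SQL text. It can name any column of `user`, including pass, so callers
 * should pass a fixed column name rather than request data.
 *
 * @param string $value Column name to read from the row.
 * @param string $login Login name as typed (not yet HTML-encoded).
 * @return mixed The column value, or false when the role is too low, the
 *               lookup fails, no row matches, or the column does not exist.
 */
function user_load_value_admin($value, $login){
    if (!($GLOBALS['l_role'] >= 10)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // Login names are stored HTML-encoded (see user_add). That encoding is not
    // SQL escaping, so the value is bound as a parameter.
    $stored_name = htmlspecialchars($login, ENT_QUOTES);

    $found = false;
    $stmt = mysqli_prepare($link, "SELECT * FROM user WHERE username = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $stored_name);
        if (mysqli_stmt_execute($stmt)) {
            $result = mysqli_stmt_get_result($stmt);
            $row = $result ? mysqli_fetch_assoc($result) : null;
            if ($row && array_key_exists($value, $row)) {
                $found = $row[$value];
            }
        }
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $found;
}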

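/**
 * Reports whether the `role` table contains a row whose name equals $role.
 *
 * Runs only when $GLOBALS['l_role'] >= 10.
 *
 * @param string $role Role name as typed (not yet HTML-encoded).
 * @return bool True when a matching row exists, false otherwise (including
 *              insufficient role, connection failure and query failure).
 */
function user_role_exits($role){
    if (!($GLOBALS['l_role'] >= 10)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // The original compared against the HTML-encoded name, so the same key is
    // kept; it is bound as a parameter because HTML encoding is not SQL escaping.
    $stored_role = htmlspecialchars($role, ENT_QUOTES);

    $exists = false;
    $stmt = mysqli_prepare($link, "SELECT 1 FROM role WHERE name = ? LIMIT 1");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $stored_role);
        if (mysqli_stmt_execute($stmt) && mysqli_stmt_store_result($stmt)) {
            $exists = (mysqli_stmt_num_rows($stmt) > 0);
        }
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $exists;
}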

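/**
 * Returns one column of the `user` row that belongs to the session user
 * ($_SESSION['username']).
 *
 * Runs only when $GLOBALS['l_role'] >= 0.
 * NOTE(review): an unset or null l_role also satisfies `>= 0` in PHP — confirm
 * the login code always assigns it.
 *
 * $value is used only as a key into the fetched row, never in the SQL text.
 * It can name any column of `user`, including pass.
 *
 * @param string $value Column name to read from the row.
 * @return mixed The column value, or false when the role is too low, the
 *               lookup fails, no row matches, or the column does not exist.
 */
function user_load_value($value) {
    if (!($GLOBALS['l_role'] >= 0)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // Login names are stored HTML-encoded (see user_add). The session value is
    // still bound as a parameter: HTML encoding does not neutralise backslashes
    // and must not be relied on as SQL escaping.
    $stored_name = htmlspecialchars($_SESSION['username'], ENT_QUOTES);

    $found = false;
    $stmt = mysqli_prepare($link, "SELECT * FROM user WHERE username = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $stored_name);
        if (mysqli_stmt_execute($stmt)) {
            $result = mysqli_stmt_get_result($stmt);
            $row = $result ? mysqli_fetch_assoc($result) : null;
            if ($row && array_key_exists($value, $row)) {
                $found = $row[$value];
            }
        }
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $found;
}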

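/**
 * Inserts a new account into `user` with role_name 'uzivatel' and loged = 0.
 *
 * Runs only when $GLOBALS['l_role'] >= 3.
 *
 * Text fields are stored HTML-encoded, as before, so existing rows and the
 * lookups in this file stay compatible. The encoding is not SQL escaping (a
 * trailing backslash in one field would swallow the closing quote of a
 * concatenated statement), so all values are bound as parameters.
 *
 * @param string $username Login name.
 * @param string $pass     Password in clear text.
 * @param string $name     Display name.
 * @param string $mail     E-mail address.
 * @param string $tel      Phone number.
 * @param string $icq      ICQ number.
 * @param string $adress   Postal address (stored in column adresa).
 * @return bool True when the INSERT executed, false otherwise.
 */
function user_add($username, $pass, $name, $mail, $tel, $icq, $adress) {
    if (!($GLOBALS['l_role'] >= 3)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    $f_username = htmlspecialchars($username, ENT_QUOTES);
    $f_name     = htmlspecialchars($name, ENT_QUOTES);
    $f_tel      = htmlspecialchars($tel, ENT_QUOTES);
    $f_icq      = htmlspecialchars($icq, ENT_QUOTES);
    $f_mail     = htmlspecialchars($mail, ENT_QUOTES);
    $f_adresa   = htmlspecialchars($adress, ENT_QUOTES);

    // NOTE(review): unsalted MD5 is not a password hash. It is kept so accounts
    // created here stay compatible with the existing login check (not visible
    // in this file); migrate to password_hash()/password_verify().
    $pass_hash = hash("md5", $pass);

    $inserted = false;
    $stmt = mysqli_prepare(
        $link,
        "INSERT INTO user(role_name, username, pass, name, tel, icq, mail, adresa, loged) VALUES('uzivatel', ?, ?, ?, ?, ?, ?, ?, 0)"
    );
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'sssssss', $f_username, $pass_hash, $f_name, $f_tel, $f_icq, $f_mail, $f_adresa);
        $inserted = mysqli_stmt_execute($stmt) ? true : false;
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $inserted;
}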

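/**
 * Administrator update of another account: overwrites name, tel, icq, mail,
 * adresa and role_name of the row whose login name matches $user.
 *
 * Runs only when $GLOBALS['l_role'] >= 10. The original returned nothing
 * (null) when the role was too low or the connection failed; it now returns
 * false on those paths like the other helpers in this file.
 *
 * NOTE(review): $role is written as given. This function does not check that
 * the role exists; callers presumably call user_role_exits() first — confirm.
 *
 * @param string $user   Login name of the account to change.
 * @param string $name   Display name.
 * @param string $mail   E-mail address.
 * @param string $tel    Phone number.
 * @param string $icq    ICQ number.
 * @param string $adress Postal address (stored in column adresa).
 * @param string $role   New role_name value.
 * @return bool True when the UPDATE executed (even if no row matched),
 *              false otherwise.
 */
function user_upd_admin($user, $name, $mail, $tel, $icq, $adress, $role){
    if (!($GLOBALS['l_role'] >= 10)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // Fields keep the HTML-encoded storage format used across this file. The
    // encoding does not make them safe inside SQL text, so they are bound.
    $f_name   = htmlspecialchars($name, ENT_QUOTES);
    $f_tel    = htmlspecialchars($tel, ENT_QUOTES);
    $f_icq    = htmlspecialchars($icq, ENT_QUOTES);
    $f_mail   = htmlspecialchars($mail, ENT_QUOTES);
    $f_adresa = htmlspecialchars($adress, ENT_QUOTES);
    $f_role   = htmlspecialchars($role, ENT_QUOTES);
    $f_user   = htmlspecialchars($user, ENT_QUOTES);

    $updated = false;
    $stmt = mysqli_prepare(
        $link,
        "UPDATE user SET name = ?, tel = ?, icq = ?, mail = ?, adresa = ?, role_name = ? WHERE username = ?"
    );
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'sssssss', $f_name, $f_tel, $f_icq, $f_mail, $f_adresa, $f_role, $f_user);
        $updated = mysqli_stmt_execute($stmt) ? true : false;
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $updated;
}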


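/**
 * Self-service profile update: overwrites name, tel, icq, mail and adresa of
 * the row whose login name matches $username_old.
 *
 * Runs only when $GLOBALS['l_role'] >= 0.
 * NOTE(review): an unset or null l_role also satisfies `>= 0` in PHP — confirm
 * the login code always assigns it.
 * NOTE(review): the target row is chosen by the $username_old argument, not by
 * $_SESSION['username'] as in user_change_pass(). Callers must pass the
 * authenticated user's own login name and never a request parameter — verify
 * at every call site.
 *
 * @param string $username_old Login name of the account to change.
 * @param string $name         Display name.
 * @param string $mail         E-mail address.
 * @param string $tel          Phone number.
 * @param string $icq          ICQ number.
 * @param string $adress       Postal address (stored in column adresa).
 * @return bool True when the UPDATE executed (even if no row matched),
 *              false otherwise.
 */
function user_upd_self($username_old, $name, $mail, $tel, $icq, $adress) {
    if (!($GLOBALS['l_role'] >= 0)) {
        return false;
    }
    $link = db_connect();
    if (!$link) {
        return false;
    }

    // Fields keep the HTML-encoded storage format used across this file. The
    // encoding does not make them safe inside SQL text, so they are bound.
    $f_name   = htmlspecialchars($name, ENT_QUOTES);
    $f_tel    = htmlspecialchars($tel, ENT_QUOTES);
    $f_icq    = htmlspecialchars($icq, ENT_QUOTES);
    $f_mail   = htmlspecialchars($mail, ENT_QUOTES);
    $f_adresa = htmlspecialchars($adress, ENT_QUOTES);
    $f_user   = htmlspecialchars($username_old, ENT_QUOTES);

    $updated = false;
    $stmt = mysqli_prepare(
        $link,
        "UPDATE user SET name = ?, tel = ?, icq = ?, mail = ?, adresa = ? WHERE username = ?"
    );
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'ssssss', $f_name, $f_tel, $f_icq, $f_mail, $f_adresa, $f_user);
        $updated = mysqli_stmt_execute($stmt) ? true : false;
        mysqli_stmt_close($stmt);
    }

    db_close($link);
    return $updated;
}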

?>
